Relovi Club (ABN 16 846 489 015) (“we”, “us”, “our”). We respect your privacy and handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
This policy explains what we collect, why, who we share it with, and your choices. It applies to the Relovi Club mobile app, website, and admin tools (together, the “Service”).
1. Who we are
We run a peer-to-peer marketplace for pre-loved baby and children’s items. Buyers and sellers are other users, not us. We provide listing, messaging, payments facilitation, and moderation tools.
For privacy enquiries, complaints, or access/correction requests, contact us at the details above. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
2. What personal information we collect
We collect information you provide, information generated when you use the Service, and information from service providers.
2.1 Account and profile
| Data | Purpose |
|---|---|
| Email address and password (stored by our auth provider; we do not store plain-text passwords) | Create and secure your account |
| First name, last name, display name, username | Identity and display in the app |
| Date of birth | Verify minimum age (18+) |
| Gender (optional) | Profile and discovery preferences |
| Phone number (when verified) | Account security, notifications, and trust & safety |
| Profile photo, shop banner, bio | Your public shop profile |
| Suburb, city, state, postcode | Location-based discovery |
| Approximate latitude/longitude (rounded/coarse) | Show listings near you without exposing exact home address |
| Stripe Connect account ID and payout status (sellers) | Pay sellers and comply with payment regulations |
2.2 Listings and commerce
| Data | Purpose |
|---|---|
| Listing photos, titles, descriptions, prices, categories, condition | Marketplace listings |
| Offers, order status, shipping address, tracking numbers | Complete transactions |
| Payment method details (processed by Stripe; we do not store full card numbers) | Card checkout |
| Cash-at-pickup arrangements (recorded in order metadata) | Alternative payment method you choose with another user |
| Platform fee and payment records | Billing, disputes, and accounting |
2.3 Messaging and community
| Data | Purpose |
|---|---|
| Chat messages between users | Buyer–seller communication |
| Read-receipt preference | Your messaging settings |
| Automated moderation signals (e.g. blocked phone numbers, emails, URLs, bank details in chat) | Reduce fraud and off-platform payment risk |
| Reports you file, blocks, and moderation outcomes | Trust & safety |
| App store reviews you submit (optional) | Product improvement |
2.4 Support and admin
| Data | Purpose |
|---|---|
| Support ticket subject, messages, attachments | Help you with the Service |
| Internal admin notes (not shown to you) | Resolve tickets and enforce policies |
| Moderation flags, admin actions on listings/accounts | Keep the marketplace safe |
2.5 Device and usage
| Data | Purpose |
|---|---|
| Push notification token (Expo) | Send alerts you opt into |
| Listing view events (including a guest device session identifier before sign-up) | Analytics and listing performance |
| Server and security logs (IP address, device type, timestamps) via our hosting providers | Security, debugging, and abuse prevention |
We do not intentionally collect sensitive information (e.g. health, racial origin) unless you voluntarily include it in a listing, message, or support ticket. Please avoid sharing unnecessary sensitive data.
3. How we collect information
- Directly from you — signup, profile, listings, messages, checkout, support, reviews.
- Automatically — when you use the app (views, logs, push token registration).
- From third parties — Stripe (payment and Connect status), Supabase (auth/session), and app stores (install/update metadata only).
4. Why we use personal information (purposes)
We use personal information to:
- Provide and improve the Service (accounts, listings, chat, checkout).
- Facilitate payments between buyers and sellers via Stripe.
- Verify age, phone, and seller eligibility.
- Send transactional and optional push notifications.
- Moderate content, investigate reports, and enforce Community Guidelines and Terms of Use.
- Operate admin and analytics tools.
- Comply with law, respond to lawful requests, and resolve disputes.
- Protect users and our business from fraud, abuse, and security incidents.
We rely on APPs grounds including: consent (e.g. optional marketing/push where applicable), primary purpose of providing the Service, secondary purposes reasonably expected by you, and legal obligations.
5. Who we disclose information to
We share personal information only as needed:
| Recipient | Why |
|---|---|
| Other users | Public profile, listings, and messages you send; shipping details shared with your counterparty in a transaction. |
| Supabase (database, auth, storage, edge functions) | Host and operate the Service. Infrastructure may be located outside Australia (see §6). |
| Stripe | Card payments and seller payouts. Subject to Stripe’s privacy policy. |
| Expo / Apple / Google | Push delivery and app distribution. |
| Professional advisers | Legal, accounting, or insurance where required. |
| Law enforcement or regulators | When required or permitted by law. |
| Successors | If we merge, sell assets, or restructure (subject to this policy). |
We do not sell your personal information.
6. Overseas disclosure
Our processors (including Supabase and Stripe) may store or process data in the United States and other countries. Where we disclose personal information overseas, we take reasonable steps to ensure recipients handle it in a way consistent with the APPs (contractual safeguards, provider certifications, or your consent where appropriate).
7. Storage and security
We use industry-standard measures: encryption in transit (HTTPS/TLS), access controls, row-level security in our database, and restricted admin access. No system is completely secure; report suspected issues to [email protected].
8. Retention
We keep personal information only as long as needed for the purposes above, including:
- Active accounts — while you use the Service.
- Transactions and tax records — typically 7 years after the transaction (or as required by Australian law).
- Moderation and safety records — as long as needed to prevent repeat abuse and defend legal claims.
- Support tickets — generally up to 24 months after closure unless linked to an active dispute.
- Server logs — typically 90 days unless needed for security investigations.
When you delete your account (see §10), we delete or de-identify personal information except where we must retain it for legal, fraud-prevention, or dispute reasons.
9. Your rights and choices
Under the APPs you may:
| Right | How |
|---|---|
| Access | Email [email protected] with your account email. We respond within a reasonable time (usually 30 days). |
| Correction | Update profile in-app or contact us if you cannot edit something. |
| Deletion | Settings → Account → Delete my account, or our account deletion page (same process; blocked while you have open payments or unresolved orders). |
| Complaint | Contact us first; then OAIC if unresolved. |
| Opt out of marketing | Use unsubscribe links or contact us (transactional messages may still be sent). |
| Push notifications | Disable in device or app settings. |
We do not currently offer automated data export (download my data). You may request a copy by email; we will provide reasonable access in a usable format where practicable.
10. Account deletion
In-app deletion triggers removal of your profile, listings, and associated personal data from active systems, subject to:
- Open orders or payment disputes (deletion may be blocked until resolved).
- Records we must keep for law, tax, or fraud prevention (retained minimally and securely).
Deletion does not remove messages already received by other users or public copies outside our control.
11. Children and minimum age
The Service is for users aged 18 and over only. We do not knowingly collect personal information from anyone under 18. If you believe a minor has an account, contact [email protected] and we will take appropriate steps.
12. Direct marketing and the Spam Act
We may send service-related emails and push notifications (orders, messages, security). Commercial electronic messages with promotional content will include sender identification and an unsubscribe facility, consistent with the Spam Act 2003 (Cth).
13. Notifiable data breaches
If a data breach is likely to result in serious harm, we will assess and, where required, notify affected individuals and the OAIC under the Notifiable Data Breaches scheme.
14. Changes to this policy
We may update this policy from time to time. We will post the new version with an updated “Last updated” date and, for material changes, notify you in-app or by email where appropriate. Continued use after the effective date means you accept the updated policy.
15. Summary — types of information (APP 1)
We collect: identity and contact details; profile and location (coarse); listings and photos; messages; payment and order data via Stripe; device/push tokens; usage and security logs; support and moderation records.
Main purposes: operate the marketplace, payments, safety, support, analytics, and legal compliance.
Main disclosures: other users (as part of using the marketplace), Supabase, Stripe, Expo/app stores, advisers, and authorities when required.
Overseas: yes — US and other jurisdictions via cloud providers.
Contact: [email protected] | Australia
This document should be read with our Terms of Use and Community Guidelines.